GO-2026-4380 Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access in github.com/amir20/dozzle

Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access in github.com/amir20/dozzle...

CVE-2026-24740 Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access

Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agen...

Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access

Summary A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agent host by directly targeting their container IDs. Note: Tested on v9.0....

GHSA-M855-R557-5RC5 Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access

Summary A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agent host by directly targeting their container IDs. Note: Tested on v9.0....

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a label-based KASAN-enabled address launch issue...

Nextcloud 访问控制错误漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from an access control error vulnerability that stems from the fact that when a system label-based file access control or file retention...

CVE-2022-44643 Access policy with access to all tenants and using label selectors has more access

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

CVE-2022-44643

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

CVE-2022-44643

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

Design/Logic Flaw

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

PT-2022-7105 · Grafana · Grafana Enterprise Metrics

Name of the Vulnerable Software and Affected Versions: Grafana Enterprise Metrics versions prior to 1.7.1 Grafana Enterprise Metrics versions prior to 2.3.1 Description: The issue is related to the label-based access control in Grafana Enterprise Metrics, allowing an attacker to have more access...